Considerations on moving data to the Middle East

What is special about the UAE?

As international companies look to host within the region. data sovereignty and latency issues will be key driving factors. The United Arab Emirates (UAE) is viewed as an attractive ICT hub; technology infrastructure is key to its innovation strategy and the wider UAE Vision 2021.

The country is fully capable of providing secure and resilient infrastructures to ensure minimum risks and maximum uptime. Having a data center in the region allows companies to focus on their core business, without having to worry about how and where their data is stored.

As data centers strive to deliver efficiency that can bring value to clients, one of the most challenging tasks in a hot and dry environment such as the UAE, is cooling. The more advanced and efficient cooling technology is, the lower the power bill and the more environmentally-friendly the data center will be. Khazna has facilities in Abu Dhabi and Dubai, which aim to be 40 percent more energy efficient than a typical data center in the UAE.

In cold climates such as Northern Europe and some parts of the USA, data centers providers rely on fresh air as a main source of cooling or “free cooling” with chillers to compensate during the summer season. However, here in the Middle East it is quite the opposite, and most data centers rely on the chiller almost 100 percent of the time.

Khazna’s facilities have adopted higher delta temperatures and use water cooled chiller systems with an option to trigger “free cooling” when outdoor temperatures drop in winter, reducing the Power Usage Effectiveness (PUE) to a target of 1.6, reducing power bills.

Modern indirect evaporative technologies require only one third of the water supply compared to traditional economizers. They are available as single units without the need of mechanical cooling.

Data is a weapon

Data is a powerful weapon that can have severe ramifications on privacy, cyber security and even the economic growth of a country, if it falls into the wrong hands.

There is no international consensus on data sovereignty, so countries are entitled to make the privacy and data-hosting laws as lenient or as strict as they like. Thus, businesses have to comply with several different legal systems if they wish to transfer personal data across borders.

In Europe, for example, the EU General Data Protection Regulation (GDPR) extends the scope of the EU government’s control over personal data, by regulating “all companies processing the personal data of data subjects residing in the Union, regardless of the company’s location.” This means that personal data originating from the EU can’t be transferred to countries that are deemed not to provide an adequate level of protection, including the US, unless the data is covered under agreed rules.

The UAE government has not yet implemented a specific data protection regulation. Instead, the government relies on several different regulations, including the Regulating Telecommunications Law which protects telecoms consumers in the UAE, the Cyber Crime Law and certain clauses within the Penal Code and Constitution, to maintain a stringent control over data within its borders.

In the UAE, as in many places around the world, all data is not equal. Public organizations, for example, cannot have their data leave the UAE, presumably because their data would be government related and therefore be considered vital to national security.

This local storage clause also applies to a wide array of other sectors – notably the healthcare, financial and education sectors – that are considered strategic and sensitive in nature, and would thus require increased protection. Other countries like Saudi Arabia have adopted similar approach.

I am certain that each country within the Middle East has its own approach to the subject but we see more countries being reluctant to host and process critical data outside their boundary.